Most computer systems currently in place are used by multiple users, in parallel and/or serially. This includes networked computer systems that comprise two or more computer processors, storage units, and/or other computer hardware, some of which can run various computer software. In addition to limiting access to the computer system itself, it is sometimes desirable for different users to have different rights or access to various applications or services on the network (“network services”). Such access control may be useful to maintain the integrity of the computer system, including that of resident data or programs. Such needs become increasingly important, and their solutions more complex, as the number of users and/or the size of the network increases.
Access to an application server, or a particular use of an application server, can be limited by having the application server require permission information associated with the application and with the user invoking the application client. When the user invokes the application client, the permission information is passed to the application server. The application server evaluates the permission information to determine whether and/or how to proceed with the server functions. For example, in a web browser application, when the web browser client is invoked to access a requested URL via the web browser server, the permission information related to the user and to the web browser client is passed to and used by the web browser server. The web browser server can use the permission information to make access control decisions, e.g., by evaluating whether the user has the permissions appropriate for accessing the requested URL. It can be appreciated, therefore, that when an application client invoked by a second user uses permission information associated with a first user, the second user may masquerade as the first user and gain access to information for which the second user has no rights. Depending upon the permission information, the second user may be able to read, write, execute, or perform some other operation on information for which the second user does not hold such predetermined rights.
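The following is an added illustration of the server-side evaluation just described; it is not code from the patent. It models the permission information as a JSON payload protected by an HMAC (a constructed design, with a constructed server key and permission table), and shows the check that defeats the masquerade case: the server compares the user named in the permission information against the user it has independently authenticated, so permission information issued to a first user is rejected when presented on behalf of a second user.

```python
import hashlib
import hmac
import json

# Constructed server-side secret for this example only. A deployment would keep
# such a key in protected storage, never in source code.
SERVER_KEY = b"example-server-key-not-for-production"

# Constructed permission table: operations each user may perform on each resource.
PERMISSIONS = {
    "alice": {"/reports/q1": {"read", "write"}},
    "bob": {"/reports/q1": {"read"}},
}


def issue_permission_info(user):
    """Issue permission information for `user`: a JSON payload plus an HMAC tag.

    This is the artefact an application client passes to the application server.
    """
    claims = {
        "user": user,
        "perms": {res: sorted(ops) for res, ops in PERMISSIONS.get(user, {}).items()},
    }
    payload = json.dumps(claims, sort_keys=True)
    tag = hmac.new(SERVER_KEY, payload.encode(), hashlib.sha256).hexdigest()
    return payload + "." + tag


def evaluate(permission_info, invoking_user, resource, op):
    """Server-side evaluation of permission information. Returns (allowed, reason).

    `invoking_user` is the identity the server established on its own (for
    example from the authenticated session), so that permission information
    issued to one user cannot simply be replayed by another.
    """
    try:
        payload, tag = permission_info.rsplit(".", 1)
    except ValueError:
        return False, "malformed permission information"

    # Integrity check first: a forged or edited payload is rejected outright.
    expected = hmac.new(SERVER_KEY, payload.encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(tag, expected):
        return False, "permission information failed integrity check"

    claims = json.loads(payload)

    # Binding check: the permission information must belong to the invoking user.
    if claims["user"] != invoking_user:
        return False, "permission information belongs to %s, not %s" % (claims["user"], invoking_user)

    # Authorization check: the requested operation must be granted on the resource.
    if op not in claims["perms"].get(resource, []):
        return False, "%s lacks %s on %s" % (invoking_user, op, resource)
    return True, "ok"


if __name__ == "__main__":
    alice_info = issue_permission_info("alice")
    print(evaluate(alice_info, "alice", "/reports/q1", "write"))   # alice using her own info
    print(evaluate(alice_info, "bob", "/reports/q1", "write"))     # bob presenting alice's info
    print(evaluate(issue_permission_info("bob"), "bob", "/reports/q1", "write"))  # bob lacks write
```

The binding check is the one that matters for the masquerade scenario: without it, a second user who obtains the first user's permission information would pass both the integrity and the authorization checks.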
Permission information, or information from which the permission information can be determined, collectively called access information, can be stored in an access file in the memory of the host computer system. Typically, an individual host computer of a computer network includes an operating system that controls the host file system, including the access file. The file system can maintain the file permissions or access control lists (ACLs) of the various files located in the memory of the host. Usually these permissions can be modified by the owner of the file or by another entity with appropriate rights. More particularly, such permissions and ACLs can identify the user(s) who have permission to, for example, write to and/or read from the particular file. Thus, the file system can provide a measure of access control for the files under its purview. However, with some operating systems, a user can employ techniques to read the access file, and therefore the permission information, associated with any other user. Such users can then masquerade as other users and gain unauthorized access to information.
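As an added example of the file-system measure of access control described above (not code from the patent), the following Python routine creates an access file with owner-only permissions from the outset and checks, before the file is trusted, that it is a regular file owned by the expected user with no group or other permission bits set. The file name and the demonstration contents are constructed for this example; the check mirrors the familiar practice of refusing to use a credential file whose permissions are too open.

```python
import os
import stat
import tempfile


def create_access_file(path, content):
    """Create an access file that is readable and writable only by its owner.

    The mode is applied at creation (subject to umask, which can only remove
    bits), so there is no window in which the file is readable by other users.
    O_EXCL refuses to reuse a pre-existing file or a link planted at the path.
    """
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    with os.fdopen(fd, "wb") as f:
        f.write(content)


def check_access_file(path, expected_uid=None):
    """Return a list of problems with the access file at `path` (empty if acceptable).

    Problems reported: not a regular file (including symbolic links), wrong
    owner, or any read/write/execute bit granted to group or others.
    """
    if expected_uid is None:
        expected_uid = os.getuid()
    problems = []
    try:
        st = os.lstat(path)  # lstat: do not follow a symlink to a file we did not create
    except FileNotFoundError:
        return ["access file does not exist"]
    if stat.S_ISLNK(st.st_mode):
        problems.append("access file is a symbolic link")
    elif not stat.S_ISREG(st.st_mode):
        problems.append("access file is not a regular file")
    if st.st_uid != expected_uid:
        problems.append("owned by uid %d, expected uid %d" % (st.st_uid, expected_uid))
    if st.st_mode & (stat.S_IRWXG | stat.S_IRWXO):
        problems.append("group/other permission bits set: %s" % stat.filemode(st.st_mode))
    return problems


def demo_access_file_checks():
    """Run the checks against a constructed access file in a temporary directory.

    Returns (problems_when_private, problems_when_world_readable, problems_wrong_owner).
    """
    workdir = tempfile.mkdtemp()
    path = os.path.join(workdir, "access")  # constructed file name
    create_access_file(path, b"user=alice\ntoken=constructed-example-value\n")
    private = check_access_file(path)
    os.chmod(path, 0o644)  # simulate the file having been left world-readable
    world_readable = check_access_file(path)
    os.chmod(path, 0o600)
    wrong_owner = check_access_file(path, expected_uid=os.getuid() + 1)
    os.remove(path)
    os.rmdir(workdir)
    return private, world_readable, wrong_owner


if __name__ == "__main__":
    for label, result in zip(("private", "world-readable", "wrong owner"), demo_access_file_checks()):
        print("%-15s %s" % (label, result or "ok"))
```

The check is a consumer-side safeguard: it does not stop an operating system that lets one user read another user's files, but it does ensure an application refuses to rely on an access file that the file system is visibly not protecting.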
Accordingly, a security system and method are desired that provide increased access control to network applications and/or services by more effectively controlling access to the network security credentials that allow users to authenticate to application servers. It is also desired to extend such access control to a per-process granularity on the user's host computer system. In particular, it is desired that such a security system require minimal complexity and minimal change to an existing computer system, while maximizing allowable user access and access control flexibility. Such a system and method are implemented in conjunction with an operating system that prevents each process from accessing the memory associated with the operating system and the memory associated with other processes on the host computer system.